All the classes in this file are class Mixins designed to be used with
web.py RequestHandler classes. The primary methods for each service are
authenticate_redirect(), authorize_redirect(), and get_authenticated_user().
The former should be called to redirect the user to, e.g., the OpenID
authentication page on the third party service, and the latter should
be called upon return to get the user data from the data returned by
the third party service.

They all take slightly different arguments due to the fact all these
services implement authentication and authorization slightly differently.
See the individual service classes below for complete documentation.

After authentication, the service will redirect back to the given
callback URI.

We request the given attributes for the authenticated user by
default (name, email, language, and username). If you don’t need
all those attributes for your app, you can request fewer with
the ax_attrs keyword argument.

Twitter and FriendFeed both require that you register a Callback
URL with your application. You should call this method to log the
user in, and then call get_authenticated_user() in the handler
you registered as your Callback URL to complete the authorization
process.

This method sets a cookie called _oauth_request_token which is
subsequently used (and cleared) in get_authenticated_user for
security purposes.

This method should be called from the handler for your registered
OAuth Callback URL to complete the registration process. We call
callback with the authenticated user, which in addition to standard
attributes like ‘name’ includes the ‘access_key’ attribute, which
contains the OAuth access you can use to make authorized requests
to this service on behalf of the user.

Some providers require that you register a Callback
URL with your application. You should call this method to log the
user in, and then call get_authenticated_user() in the handler
you registered as your Callback URL to complete the authorization
process.

To authenticate with Twitter, register your application with
Twitter at http://twitter.com/apps. Then copy your Consumer Key and
Consumer Secret to the application settings ‘twitter_consumer_key’ and
‘twitter_consumer_secret’. Use this Mixin on the handler for the URL
you registered as your application’s Callback URL.

When your application is set up, you can use this Mixin like this
to authenticate the user with Twitter and get access to their stream:

The user object returned by get_authenticated_user() includes the
attributes ‘username’, ‘name’, and all of the custom Twitter user
attributes describe at
http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-users%C2%A0show
in addition to ‘access_token’. You should save the access token with
the user; it is required to make requests on behalf of the user later
with twitter_request().

Many methods require an OAuth access token which you can obtain
through authorize_redirect() and get_authenticated_user(). The
user returned through that process includes an ‘access_token’
attribute that can be used to make authenticated requests via
this method. Example usage:

To authenticate with FriendFeed, register your application with
FriendFeed at http://friendfeed.com/api/applications. Then
copy your Consumer Key and Consumer Secret to the application settings
‘friendfeed_consumer_key’ and ‘friendfeed_consumer_secret’. Use
this Mixin on the handler for the URL you registered as your
application’s Callback URL.

When your application is set up, you can use this Mixin like this
to authenticate the user with FriendFeed and get access to their feed:

The user object returned by get_authenticated_user() includes the
attributes ‘username’, ‘name’, and ‘description’ in addition to
‘access_token’. You should save the access token with the user;
it is required to make requests on behalf of the user later with
friendfeed_request().

Many methods require an OAuth access token which you can obtain
through authorize_redirect() and get_authenticated_user(). The
user returned through that process includes an ‘access_token’
attribute that can be used to make authenticated requests via
this method. Example usage:

No application registration is necessary to use Google for authentication
or to access Google resources on behalf of a user. To authenticate with
Google, redirect with authenticate_redirect(). On return, parse the
response with get_authenticated_user(). We send a dict containing the
values for the user, including ‘email’, ‘name’, and ‘locale’.
Example usage:

To authenticate with Facebook, register your application with
Facebook at http://www.facebook.com/developers/apps.php. Then
copy your API Key and Application Secret to the application settings
‘facebook_api_key’ and ‘facebook_secret’.

When your application is set up, you can use this Mixin like this
to authenticate the user with Facebook:

The user object returned by get_authenticated_user() includes the
attributes ‘facebook_uid’ and ‘name’ in addition to session attributes
like ‘session_key’. You should save the session key with the user; it is
required to make requests on behalf of the user later with
facebook_request().

Many methods require an OAuth access token which you can obtain
through authorize_redirect() and get_authenticated_user(). The
user returned through that process includes an ‘access_token’
attribute that can be used to make authenticated requests via
this method. Example usage: